If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

In a nutshell, how safe is Teredo with ZA Free?

Hi,

I have 2 computers in a homegroup at home (Windows 7 Ultimate 64 bits and Windows 7 Home Basic 32 bits), behind a TP-Link TL-WR740N router (and ZoneAlarm Free 9.2.076.000).

Both computers have Teredo enabled, but the Ultimate one is always running ("qualified"), whereas the Home basic one is mainly "dormant", unless, of course, I try to reach a website which "triggers" Ipv6 (e.g. "Test your IPv6").

Trying to figure out why the Ultimate computer had the Teredo connection always "qualified" led me to dig deep into the Teredo Tunneling issue, and I became somewhat scared of the security risks in using it.

Apart from opening a "hole" in the router and assigning a global IPv6 address to the computer, the traffic in the tunnel is really IPV6 encapsulated in a IPv4 packet, so the firewall won't be able to filter it properly, applying the desired security policy.

So, here are the 2 questions:

1) In a nutshell, how safe is Teredo? I could just disable it, but it seems that homegroup in Windows 7 requires it.

2) I know that the latest Zonealarm version has IPv6 enabled. Is it effective against potential security threats in Teredo traffic?

Re: In a nutshell, how safe is Teredo with ZA Free?

Well I think there might be a couple consumer isp companies in the entire nation maybe the whole planet that actually issue IPv6 IP addresses. Even then there not broadcasting IPv6 addresses across the internet, there being tunneled to IPv4 to the internet.

There is a lot hype and stories out there that say IPv6 is not needed and what were being told about running out of IPv4 style addresses is all over inflated by companies trying to cash in on it. Its a HUGE infrastructure investment to have the entire internet switched over to IPv6 and will take a very long time or possibly never will happen.

IPv6 is utilized mainly now on private networks and not the public internet.

The overhead in consumer firewall products would be huge to do both 4 and 6 when 6 is not really needed at all.